HTTPS Identities - How to run openid server properly?
Lukas Rosenstock
inbox at lukasrosenstock.net
Sun Sep 3 20:17:43 UTC 2006
Use http:// for the identity URLs and then declare first priority OpenID
server a https://-URL and for those who cannot cope with it another
http://-URL as the second priority OpenID server, the identity URL itself
is not the important part to be secure but the server is. Priorities can
be expressed in the Yadis/XRDS document.
Am 01.09.2006, 03:59 Uhr, schrieb Vladimir <vlach at seznam.cz>:
> Hello,
>
> I've setup new OpenID server https://openid.cz but I face issues with
> http/https indetities.
>
> I decided to force everything to https but this seems to be a problem
> with many Consumer sites not supporting https protocol.
>
> We all know, from previous posts, that identity such as
> https://openid.cz/steve is different then http://openid.cz/steve so I
> set all identities to https prefix.
>
> But then I went to:
> http://www.danga.com/openid/demo/demo.html
> or
> http://wiki.idmashup.org/
> "Sorry, this implementation is unable to access URL
> 'https://openid.cz/server/'. This may be because the URL protocol is not
> supported."
>
> and those don't work because SSL is not supported. Should I move back
> from SSL and switch everything to non-SSL identities?
>
> How would you solve this?
> Thanks,
> Vlad
More information about the yadis
mailing list